Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by chrizree

  1. ok, strange... are you using/testing the "pre-built" portals at all or just your own ones?
  2. Have you used some already existing portal as a "template" when creating your own portal? It seems to load Basicportal and Targetedportal, but at the same time it throws an error not finding a file that is a part of the Google capture portal
  3. Try this https://soruhius.blogspot.com/2020/12/project-name-weirdfeed.html
  4. Well, that's not entirely true, there is more than the Evil Portal available and the Pineapple isn't just about modules even if it's one of the features. I've never been really disappointed with any of my Hak5 devices (and I have 10 out of the different variants made available). You have to be ready to do some work though. Buying Hak5 stuff isn't like buying a toaster in my opinion. Even though Hak5 makes it easier to enter the cybersec arena, you need at least some basic knowledge and... you need some dedication to learn and get better all the time and also be prepared to contribute. So, don'
  5. not necessarily, I run several Linux based hosts with VirtualBox and Kali as guests, I have a written howto for this exact scenario that involves Windows, that's why I'm asking, not sure about the individuals knowledge either, so I need to get a picture of what landscape to adapt to
  6. you don't really need to bother passing the USB (using filters) to the VM since it's a NIC, just set it up as a network adapter for the VM
  7. It looks like a safer bet for you to give the absolute path to the source when doing the scp. You can of course just use the directory name "stand alone", but then you need to be positioned correctly in the file system before executing the scp command. Your scp command states "portal-login" and the error message "Portal-Login". That doesn't look correct. What system/OS are you scp'ing from? Windows? Linux? Mac? Upper and lower case matters in the Linux/Unix world (nothing most Windows users are familiar with). Either scp -r /home/user/Temp/* root@ if the por
  8. Have you tried a factory reset? https://docs.hak5.org/hc/en-us/articles/360023739914-Factory-Reset
  9. I made a promise, so it's time to deliver... I got some time to write it all down https://github.com/chrizree/OwlGPS (BTW... it works on the Hak5 WiFi Pineapple Mark VII as well)
  10. Have you verified that the Galaxy Note is rooted?
  11. Most likely not. In some other situation, I would be bothered, but not with the Pineapple. It's root anyway and it's a known fact that the user exists and it's just the web GUI, not affecting ssh.
  12. Most likely the 3 pack of these https://shop.hak5.org/products/9-dbi-dipole-antenna
  13. It will most likely make no difference at all, but since you seem out of options, why not try anything that is possible. Don't forget that you still need to connect to the Nano using the USB cable when trying to do a recovery so even if adding power, you need to put the other USB connector of the Y-cable into the computer. I'm sure you understand that, just want to be extra clear about it.
  14. I assume that you follow the procedure described in the docs https://docs.hak5.org/hc/en-us/articles/360010471774-Firmware-Recovery I haven't tried it when I have done firmware recoveries on my Nano, but I don't think that SSH is supposed to be available in that mode. Not that it should make any difference, but, have you tried different browsers when trying to connect to the Nano "recovery web server" @ Incognito window? Making sure you aren't trying to use https? Making sure that the Nano gets sufficient power? I seldom trust that the Nano gets enough power even when using t
  15. That's not a USB Rubber Ducky related question, contact the maintainer of the digiQuack tool instead... For starters, you could step through the code, there are elements in it that will throw errors, but, again... that's not USB Rubber Ducky related, it's how you use the Windows OS to execute things
  16. As Rkiver suggested, there's a Bunny section of the forums that should be used, so I guess this thread should be moved. Anyway, there are some bits and pieces that could render possible problems in the original code (i.e. the first post, which seems based on the "official" nmapper payload and then adjusted). For starters how nmap is spelled, with a capital "N" that will throw a "Nmap: command not found". Regarding the latest submitted code suggestion; what is <yOur IP> supposed to be replaced with? The victim is in most situations a "black box" when it comes to knowledge about
  17. This won't give you all possible hosts, just the ones answering to ping, -Pn is needed imo, otherwise you miss some hosts that are out there, but do not tell they are because they are configured in that way. -sV... won't that just add to the time needed to scan? is it important to determine service/version info of the port? I would rather do that in a "second stage" if important and most likely on specific hosts -F is that really relevant when the port is specified?
  18. My guess is that this isn't really C2 related, it's about how the Pi handles IPv6 (it affects other services and daemons the same way). In what way have you tried to disable IPv6 in sysctl and grub?
  19. The shop text contains "Supports massive storage options from the MicroSD card reader hidden inside" and a picture of the Turtle where the SD card slot is in plain view.
  20. What kind of wireless network is your Google Home device on? 5 GHz? If so, you won't get any handshake with the Pineapple unless you have a 5 GHz NIC attached. But, I guess it's on 2.4 GHz since you say "i often don't get" (meaning you get it at least sometime). Handshakes aren't always like ordering from the McDonald's menu, i.e. a deauth won't automagically be equal to obtaining the handshake. Sometimes you can deauth like crazy and still not get it (deauthing too aggressive isn't a good thing either). An alternative less aggressive is to just sit and wait. The handshake will perhaps show up
  21. Correct, trying to connect a client that has previously connected to a secured network, to a network with the same SSID that is open/unprotected will keep you waiting for a long while (like... forever...)
  22. How far are you from the WiFi network that you are trying "mimic"? Are you sure that the clients aren't just reconnecting to the intended network (and not your spoofed one)? What kind of WiFi network are you trying to "mimic"? A PSK protected one?
  23. Look at the "PineAP Basics" video https://docs.hak5.org/hc/en-us/categories/360004116253-WiFi-Pineapple-Mark-VII PineAP main tab > PineAP Settings section > Advanced tab > Allow Associations or use the Active mode
  24. Are the filters set up properly? Associations allowed?
  • Create New...